We have a local server that exports an NFS share, used as parent directory for Linux home folders in the network. The users authenticate via LDAP (running on the same server).

Authentication works fine, and the home folders on the share also work well for the users after they have logged in to a client machine.

However, there is one problem: the root user on the client cannot access the user folders. That is a problem as even simple things such as sudo apt-get produce errors because root cannot write to the user's folder.

I thought the problem might be that the home folder permissions on the NFS server are 0700, thus only accessible by the user itself. So I have changed this permission to 0770, also also set the group ownership of the user folder on the server to 0, i.e. root. I assumed this should work, as 0 is also root's group ID on the client machines.

3 Answers
3

Very often, it is not desirable that the root user on a client machine
is also treated as root when accessing files on the NFS server. To
this end, uid 0 is normally mapped to a different id: the so-called
anonymous or nobody uid. This mode of operation (called 'root
squashing') is the default, and can be turned off with no_root_squash.